With FPM you can run several pools of processes with different setting.
These are settings that can be tweaked per pool.
-
listen
string
-
The address on which to accept FastCGI requests. Valid syntaxes are:
'ip.add.re.ss:port', 'port', '/path/to/unix/socket'. This option is
mandatory for each pool.
-
listen.backlog
int
-
Set listen(2) backlog. A value of -1
means maximum on BSD systems.
Default value: -1
(FreeBSD or OpenBSD) or 511
(Linux and other platforms).
-
listen.allowed_clients
string
-
List of IPv4 or IPv6 addresses of FastCGI clients which are allowed to connect. Equivalent
to the FCGI_WEB_SERVER_ADDRS environment variable in the original PHP FastCGI (5.2.2+).
Makes sense only with a tcp listening socket. Each address must be separated by a comma.
If this value is left blank, connections will be accepted from any ip address.
Default value: not set (any ip address accepted).
-
listen.owner
string
-
Set permissions for unix socket, if one is used. In Linux, read/write
permissions must be set in order to allow connections from a web
server. Many BSD-derived systems allow connections regardless of permissions.
Default values: user and group are set as the running user, mode is set to 0660.
-
listen.group
string
-
See listen.owner
.
-
listen.mode
string
-
See listen.owner
.
-
listen.acl_users
string
-
When POSIX Access Control Lists are supported you can set them using this option.
When set, listen.owner
and listen.group
are ignored. Value is a comma separated list of user names.
-
listen.acl_groups
string
-
See listen.acl_users
.
Value is a comma separated list of group names.
-
user
string
-
Unix user of FPM processes. This option is mandatory.
-
group
string
-
Unix group of FPM processes. If not set, the default user's group is
used.
-
pm
string
-
Choose how the process manager will control the number of child
processes. Possible values: static
, ondemand
,
dynamic
.
This option is mandatory.
static
- the number of child processes is fixed (pm.max_children
).
ondemand
- the processes spawn on demand (when requested,
as opposed to dynamic, where pm.start_servers
are started
when the service is started.
dynamic
- the number of child processes is set dynamically based on the
following directives: pm.max_children
, pm.start_servers
,
pm.min_spare_servers
, pm.max_spare_servers
.
-
pm.max_children
int
-
The number of child processes to be created when pm
is set to
static
and the maximum number of child processes to be created
when pm
is set to dynamic
. This
option is mandatory.
This option sets the limit on the number of simultaneous requests that
will be served. Equivalent to the ApacheMaxClients directive with
mpm_prefork and to the PHP_FCGI_CHILDREN environment variable in the
original PHP FastCGI.
-
pm.start_servers
int
-
The number of child processes created on startup.
Used only when pm
is set to dynamic
.
Default Value: min_spare_servers + (max_spare_servers -
min_spare_servers) / 2.
-
pm.min_spare_servers
int
-
The desired minimum number of idle server processes. Used only when
pm
is set to dynamic
. Also
mandatory in this case.
-
pm.max_spare_servers
int
-
The desired maximum number of idle server processes. Used only when
pm
is set to dynamic
. Also
mandatory in this case.
-
pm.max_spawn_rate
int
-
The number of rate to spawn child processes at once. Used only when
pm
is set to dynamic
.
Default value: 32
-
pm.process_idle_timeout
mixed
-
The number of seconds after which an idle process will be killed.
Used only when pm
is set to ondemand
.
Available units: s(econds)(default), m(inutes), h(ours), or d(ays).
Default value: 10s.
-
pm.max_requests
int
-
The number of requests each child process should execute before
respawning. This can be useful to work around memory leaks in 3rd party
libraries. For endless request processing specify '0'. Equivalent to
PHP_FCGI_MAX_REQUESTS. Default value: 0.
-
pm.status_listen
string
-
The address on which to accept FastCGI status request. This creates a new invisible pool
that can handle requests independently. This is useful if the main pool is busy with long
running requests because it is still possible to get the
FPM status page before finishing the long running
requests. The syntax is the same as for listen directive.
Default value: none.
-
pm.status_path
string
-
The URI to view the FPM status page. This value must
start with a leading slash (/). If this value is not set, no URI will be recognized as
a status page. Default value: none.
-
ping.path
string
-
The ping URI to call the monitoring page of FPM. If this value is not
set, no URI will be recognized as a ping page. This could be used to test
from outside that FPM is alive and responding. Please note that the value must
start with a leading slash (/).
-
ping.response
string
-
This directive may be used to customize the response to a ping
request. The response is formatted as text/plain with a 200 response code.
Default value: pong.
-
process.priority
int
-
Specify the nice(2) priority to apply to the worker process (only if set).
The value can vary from -19 (highest priority) to 20 (lower priority).
Default value: not set.
-
process.dumpable
bool
-
Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
or group is different than the master process user. It allows to create process
core dump and ptrace the process for the pool user.
Default Value: no. Since PHP 7.0.29, 7.1.17 and 7.2.5.
-
prefix
string
-
Specify prefix for path evaluation
-
request_terminate_timeout
mixed
-
The timeout for serving a single request after which the worker
process will be killed. This option should be used when the 'max_execution_time'
ini option does not stop script execution for some reason. A value of '0' means
'Off'. Available units: s(econds)(default), m(inutes), h(ours), or d(ays).
Default value: 0.
-
request_terminate_timeout_track_finished
bool
-
The timeout set by
request_terminate_timeout is not engaged
after a fastcgi_finish_request or
when application has finished and internal shutdown functions are being called. This
directive will enable timeout limit to be applied unconditionally even in such cases.
Default value: no. Since PHP 7.3.0.
-
request_slowlog_timeout
mixed
-
The timeout for serving a single request after which a PHP backtrace
will be dumped to the 'slowlog' file. A value of '0' means 'Off'.
Available units: s(econds)(default), m(inutes), h(ours), or d(ays).
Default value: 0.
-
request_slowlog_trace_depth
int
-
The depth of slowlog log stack trace.
Default value: 20. Since PHP 7.2.0.
-
slowlog
string
-
The log file for slow requests. Default value:
#INSTALL_PREFIX#/log/php-fpm.log.slow
.
-
rlimit_files
int
-
Set open file descriptor rlimit for child processes in this pool. Default value: system defined value.
-
rlimit_core
int
-
Set max core size rlimit for child processes in this pool. Possible Values: 'unlimited' or an integer greater or equal to 0.
Default value: system defined value.
-
chroot
string
-
Chroot to this directory at the start. This value must be defined as
an absolute path. When this value is not set, chroot is not used.
-
chdir
string
-
Chdir to this directory at the start. This value must be an absolute
path. Default value: current directory or / when chroot.
-
catch_workers_output
bool
-
Redirect worker stdout and stderr into main error log. If not set,
stdout and stderr will be redirected to /dev/null according to FastCGI specs.
Default value: no.
-
decorate_workers_output
bool
-
Enable the output decoration for workers output when catch_workers_output is enabled.
Default value: yes.
Available as of PHP 7.3.0.
-
clear_env
bool
-
Clear environment in FPM workers.
Prevents arbitrary environment variables from reaching FPM worker processes
by clearing the environment in workers before env vars specified in this
pool configuration are added.
Default value: Yes.
-
security.limit_extensions
string
-
Limits the extensions of the main script FPM will allow to parse.
This can prevent configuration mistakes on the web server side.
You should only limit FPM to .php extensions to prevent malicious
users to use other extensions to execute php code.
Default value: .php .phar
-
apparmor_hat
string
-
If AppArmor is enabled, it allows to change a hat.
Default value: not set
-
access.log
string
-
The access log file.
Default value: not set
-
access.format
string
-
The access log format.
Default value: "%R - %u %t \"%m %r\" %s"
:
It's possible to pass additional environment variables and update PHP settings of a certain pool.
To do this, you need to add the following options to the pool configuration file.